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REMARKS 

In a final office action dated 20 May 2004, the Examiner rejects claims 1-11, 13- 
17, 19-23, 25-26 (all pending claims). In response to the office, Applicant respectfully 
traverses the rejections. Claims 1-11, 13-17, 19-23, and 25-26 remain in the AppUcation. 
In light of the following arguments, AppUcant respectfully requests that this Application 
be allowed. 

In the Final Office Action, the Examiner rejects claim 1 under 35 U.S.C. §102 (e) 
as being anticipated by U.S. Patent Number 6,574,666 Bl issued to Dutta (Dutta). To 
anticipate a claim under 35 U.S.C. § 102, a single source must contain all of the elements 
of the claim. Lewmar Marine Inc. v. Barient, Inc., 827 F.2d 744, 747, 3 U.S.P.Q.2d 
1766, 1768 (Fed. Cir. 1987), cert, denied, 484 U.S. 1007 (1988). Moreover, the single 
source most disclose all of the claimed elements "arranged as in the claim." 
[Emphasis added] Structural Rubber Prods. Co. v. Park Rubber Co., 749 F.2d 707, 716, 
223 U.S.P.Q. 1264, 1271 (Fed. Cir. 1984). The test for anticipation is symmetrical to the 
test for infringement and has been stated as: "That which would Uterally infringe [a 
claim] if later in time anticipates if earlier than the date of invention." Richardson v. 
Suzuki Motor Co., 868 F.2d 1226, 1236, 9 U.S.P.Q.2d 1913, 1920 (Fed. Cir. 1989); 
Connell v. Sears Roebuck & Co., 722 F.2d 1542, 1548, 220 U.S.P.Q. 1931, 1938 (Fed. 
Cir. 1983). The Dutta reference cited by the Examiner does not teach each and every 
claimed element as required by case law and the MPEP. 

Applicant maintains that Dutta does not teach the fu-ewall system recited in claim 
1 as arranged in the claim. Applicant wants to point out that the gist of Applicant's 
argument is that Dutta does not teach that the firewall contains two different modules 
that perform different functions, namely, the firewall core and the at least one inspection 
module. The firewall core passes packets to at least one inspection module. The Dutta 
teaching does not teach this feature. Dutta teaches the fu:ewall either applies a rule or 
retrieves a rule and appUes the rule to a packet. There is no teaching whatsoever of 
transmitting the packet to an inspection module. Therefore, Dutta does not teach all of 
the claimed elements as arranged in the claim. The following remarks highlight that all of 
the limitations are not taught and therefore are asserted again for the Examiner's 
consideration 
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Claim 1 recites at least one inspection module coupled for communication to said 
firewall core, each said at least one inspection module configured to provide protocol 
inspection of data packets to said firewall core, said firewall core configured to receive 
data packets from said plurality of conraiunication interfaces and conmiunicate said 
packets to said at least one inspection module for inspection, said at least one inspection 
module is further configured to be installed during the operation of the firewall system. 
Dutta does not teach this limitation. Instead, Dutta teaches a firewall system in which 
rules in a database may be retrieved by a firewall system to test the packets. In amended 
claim 1, the firewall core sends the packet to an inspection module that performs testing 
based upon rules stored in the module. Each module is software that is being executed 
to perform testing of a packet. Applicant cannot find any mention in Dutta of the use of 
different modules to test packets in a firewall system. 

The Examiner states that an inspection module is taught by Col. 5, Unes 1-12 
which states: 

... (the executing fetching instructions), which in 
one embodiment is also implemented in the kernel, and in 
another embodiment is implemented at the application 
layer. The fetching process retrieves a pertinent rule and 
sends it to the firewall process, which loads it at the firewall. 
This embodiment advantageously separates the functions 
of the traditional firewall from retrieving a rule by the 
firewall for a packet. This keeps the firewall instructions 
relatively simple, and a maintains a certain level of security 
by separating the firewall process from interactions with 
e.g. an extemal database from which rules are to be 
retrieved to be loaded at the firewall. 

Applicant does not see anything in this recited section that teaches an inspection 
module that provides inspection of packets for a firewall core. Instead, cited section 
teaches a firewall process for testing packets that has a separate fetching function that 
retrieves rules for testing to be used by a firewall process. There is no mention of 
separate modules for providing different tests as recited in claim 1. Furtiiermore, there is 
no mention of new modules that may be loaded during execution of the firewall process. 
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Thus, the at least one inspection module recited in amended claim 1 is not taught by 
Dutta. Therefore, Applicant respectfully requests that the rejection of claim 1 be removed 
and amended claim I be allowed. 

Claims 2-5 are dependent upon amended claim 1. Thus, claims 2-5 are allowable 
for at least the same reasons as amended claim 1. Therefore, Applicant respectfully 
requests that the rejections to claims 2-5 be removed and claims 2-5 be allowed. 

Amended claim 6 recites a firewall core that monitors a memory for inspection 
modules that are loaded into a memory during operation of the firewall system. Dutta 
does not teach this limitation. Instead, Dutta teaches a system that receives a packet, 
determines if a rule for testing the packet is in the firewall, and retrieving the rule from a 
database if the rule is not in the firewall. This is different from a core system that reads a 
memory to determine when a new module for performing tests is added to the memory. 
Thus, Dutta does not teach amended claim 6. Therefore, applicant requests that the 
rejection of claim 6 be removed and amended claim 6 be allowed. 

Claims 7-9 are dependent upon amended claim 6. Thus claims 7-9 are allowable 
for at least the same reasons as amended claim 6. Therefore, Applicant respectfully 
requests that the rejections of amended claims 7-9 be removed and claims 7-9 be 
allowed. 

Claim 10 recites an inspection module that is loaded into a memory monitored by 
the firewall core during operation of the firewall system. This not taught by Dutta. 
Instead, Dutta teaches a system that can retrieve a rule for testing a packet when the rule 
is not currently in the firewall system. There is no mention of the firewall system having a 
core that monitors a memory for new inspection modules that can test packets in new 
types of protocols. Thus, amended claim 10 is not taught by Dutta. Therefore, Applicant 
requests that the rejection of claim 10 be removed and amended claim 10 be allowed. 

Claims 11, 13 and 14 depend from claim 10. Thus, claims 11, 13, and 14 are 
allowable for at least the same reasons as claim 10. Therefore, Applicant requests that the 
rejections to claims 11,13, and 14 be removed and claims 11,13, and 14 be allowed. 



10 



Docket No.: CISCO-1935 



Claim 15 recites a method that loads an inspection module into a memory 
monitored by a firewall core during operation of the firewall system. Dutta does not 
teach this limitation. Instead, Dutta teaches a fn*ewall system that retrieves rules for 
handling a packet when the rules are not in the firewall. The retrieving of rules is 
different from receiving a module which performs the tests. Thus, amended claim 15 is 
not taught by Dutta. Therefore, Applicant respectfully requests that the rejection of 
claim 15 be removed and amended claim 15 be allowed. 

Claims 16, 17, 19 and 20 depend from claim 15. Thus, claims 16, 17, 19 and 20 are 
allowable for at least the same reasons as claim 15. Therefore, Applicant requests that 
the rejections to claims 16, 17, 19, and 20 be removed and claims 16, 17, 19, and 20 be 
allowed. 

Claim 21 claims a device that includes instructions for directing a computer to 
perform the method of claim 15. Thus claim 21 is allowable for at least the reason as claim 
15. Therefore, Applicant respectfully requests that rejection of claim 21 be allowed and 
amended claim 21 be allowed. 

Claims 22, 23, 25 and 26 depend from claim 21. Thus, claims 22, 23, 25 and 26 are 
allowable for at least the same reasons as claim 21. Therefore, Applicant requests that 
the rejections to claims 22, 23, 25, and 26 be removed and claims 22, 23, 25, and 26 be 
allowed. 

It is beUeved that this Amendment places the above-identified patent appUcation 
into condition for allowance. Early favorable consideration of this Amendment is 
earnestly solicited. 

If, in the opinion of the Examiner, an interview would expedite the prosecution of 
this appUcation, the Examiner is invited to call the undersigned attorney at the number 
indicated below. 



Sierra Patent Group, Ltd. 
P.O. Box 6149 
StateHne, NV 89449 
(775) 586-9500 
(775) 586-9550 Fax 



Dated: July 12, 2004 




Reg. No.: 43,265 
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